admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 02:31:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/CVE-2022-23944.md
之乎者也 1d0d2005ca
Create CVE-2022-23944.md
2023-04-07 11:06:13 +08:00

1.1 KiB
Raw Blame History

Apache ShenYu Admin plugin API Unauth Access Vulnerability (CVE-2022-23944)

Vulnerability Apache ShenYu Admin plugin API Unauth Access Vulnerability (CVE-2022-23944)
Chinese name Apache ShenYu Admin plugin 接口未授权访问漏洞CVE-2022-23944
CVSS core 9.1
FOFA Query (click to view the results directly) body="id=\"httpPath\" style=\"display: none"
Number of assets affected 74
Description Apache ShenYu is an asynchronous, high-performance, cross-language, reactive API gateway of the Apache Foundation. Apache ShenYu 2.4.0 and 2.4.1 have an access control error vulnerability that stems from users accessing the /plugin api without authentication.
Impact Apache ShenYu 2.4.0 and 2.4.1 have an access control error vulnerability that stems from users accessing the /plugin api without authentication.